<?php
/***************
* @Project	Warabi
* @Author	Feifei
* @Date		04/19/2009
***************/

/**This module is to deal the ap delete card request**/
include_once($_SERVER['DOCUMENT_ROOT'].'/header.inc.php');

$httprequest = new wbHttpRequest();

list($headers , $body) = $httprequest->output();

$sender_name = rawurldecode($_GET["sender"]);
$card_id = rawurldecode($_GET["id"]);

/***if the sender name is empty or receiver_name and card id is empty**/
if(empty($sender_name) && empty($card_id)){
	header(error_url_param_missing);
	exit;
}

/**if the sender doesn't exist in database , give a 400 response**/
$db = new wbDatabase();
$sql = "select * from ".__table_card_list__." where sender='".$sender_name."' and cardListId=".$card_id;
$set = $db->query($sql);

if($db->countResult($set)==0){
	header(error_url_param_missing);
	exit;
}

$db->freeResult($set);

/** wsse authorize **/
/***if the wsse is wrong , give a 401 unauthorized response**/
$xwsse = $headers["X_WSSE"];
$type=0;
$doorkey = magicWsse($xwsse , $db , $type);

if(!$doorkey){
	header(error_autorized_header);
	exit;
}

/*$sql = "select readFlag from ".__table_card_list__." where cardListId=".$card_id;
$result = $db->fetchResultBySql($sql);
if($result[0]==1){
	header(error_xml_element_missing);
	exit;
}*/

/** delete the cardlistid **/
$sql = "update ".__table_card_list__." set deleteFlag=1 where cardListId=".$card_id;
$err = $db->query($sql);
$db->disconnect();

if(!$err){
	header(error_server_system);
	exit;
}


header(success_response);



?>